Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Riot-os Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27427 1 Riot-os 1 Riot 2022-05-12 7.5 HIGH 9.8 CRITICAL
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
CVE-2019-1000006 1 Riot-os 1 Riot 2021-07-21 7.5 HIGH 9.8 CRITICAL
RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via network connectivity.
CVE-2020-15350 1 Riot-os 1 Riot 2021-07-21 7.5 HIGH 9.8 CRITICAL
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates the expected decoded size with an arithmetic round-off error and does not take into account possible padding bytes. Due to this underestimation, it may be possible to craft base64 input that causes a buffer overflow.
CVE-2021-27357 1 Riot-os 1 Riot 2021-04-09 7.5 HIGH 9.8 CRITICAL
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c.
CVE-2021-27697 1 Riot-os 1 Riot 2021-04-09 7.5 HIGH 9.8 CRITICAL
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.
CVE-2021-27698 1 Riot-os 1 Riot 2021-04-09 7.5 HIGH 9.8 CRITICAL
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function.